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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH{S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- ff NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

^)M Responsive to communication(s) filed on 09 January 2006 . 
2a)n This action is FINAL. 2b)13 This action is non-final. 

3) n Since this application is in condition for allowance except for fomnal matters, prosecution as to the nnerits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Clainn(s) 1-16 and 18-23 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) IE Claim(s) 1-16 and 18-23 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) n The drawjng(s) filed on is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1, 121(d). 
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application from the International Bureau (PCT Rule 17.2(a)). 
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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1. 17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1,114, and the fee set forth in 37 CFR 1. 17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Apphcant's submission filed on 1/9/2006 has been entered. 

Claim Rejections - 35 USC §102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1 (2) of such treaty in the English language. 

3. Claims 1, 3-6 and 8 are rejected under 35 U.S.C. 102(e) as being anticipated by U.S. 
Patent Number 7,007,093 to Spicer et al.. 

4. As to claim 1, Spicer teaches a reverse proxy network communication scheme 
comprising: a proxy agent located inside a protected network addressable by a least one intemal 
network device, the proxy agent estabUshing outgoing network connections (col. 4, hnes 4-24, 
the polling server is addressable by the print server); a security device through which all traffic 
between the protected network and external networks must travel, the security device permitting 
at least outgoing connections via at least one predetermined network protocol (the firewall in 
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Figure 1); an external proxy server outside the protected network and reachable by the proxy 
agent via outgoing network connections through the security device, the external proxy server 
also being addressable by at least one external network device, thereby allowing communication 
between the at least one external network device and the at least one internal network device, and 
wherein the external proxy server does not initiate connections with the proxy agent (The proxy 
server in Figure 1 is the external proxy server). 

5. As to claim 3, Spicer teaches the scheme of claim 1 further including an outgoing proxy 
server in communication with the agent and which the proxy agent used to estabhsh outgoing 
connections (col. 2, hnes 36-65, the firewall proxy or the transcoding server could be considered 
such an outgoing server). 

6. As to claim 4, Spicer teaches the scheme of claim 1 wherein the extemal proxy server is 
in communication with at least one other network, receives, and stores data addressed to the at 
least one internal network device (col. 3, line 31 -col. 4, line 5). 

7. As to claim 5, Spicer teaches the scheme of claim 4, wherein the proxy agent polls the 
extemal proxy server to check for data addressed to the at least one internal network device (col. 
5, lines 5-45). 

8. As to claim 6, Spicer teaches the scheme of claim 5 wherein the proxy agent downloads 
data addressed to the at least one intemal network device form the extemal proxy server and 
forwards the data to the at least one intemal network device (col. 4, line 3 1-col. 5, Une 4). 

9. As to claim 8, Spicer teaches the scheme of claim 1, wherein the proxy agent forwards 
outgoing data to the extemal proxy server, which transmits the data to the at least one external 
network device (col. 2, lines 36-65). 
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Claim Rejections - 35 USC § 103 

10. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

11. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
Number 7,007,093 to Spicer et al. in view of U.S. Patent Number 6,854,121 to Barnard et al.. 

12. As to claim 2, Spicer teaches the reverse proxy scheme of claim 1 ; however Spicer does 
not expUcitly teach the use of HTTP for communication with the internal network devices. 

Barnard teaches the use of HTTP for communications with devices such as those taught 
by Spicer (col. 8, lines 38-61). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Spicer regarding communication to a private 
network with the teachings of Barnard regarding the use of HTTP for connecting to a network 
device because Spicer is not specific about the protocol used to actually communicate with the 
internal devices so Barnard shows that HTTP would be a logical choice. 

13. Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
Number 7,007,093 to Spicer et al. in view of U.S. Patent Number 6,854,121 to Barnard et al. in 
further view of U.S. Patent Number 6,510,464 to Grantges Jr. et al.. 

14. As to claim 7, Spicer teaches the reverse proxy scheme of claim 4; however Spicer does 
not explicitly teach the proxy server ensuring proper cookie routing. 
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For reasons discixssed in the rejection of claim 2 it would have been obvious to combine 
the teachings of Spicer with the use of HTTP. 

The Spicer-Bamard combination makes obvious the use of HTTP to communicate with 
devices such as those taught by the Spicer-Bamard combination; however they do not expUcitly 
teach ensuring proper cookie routing. 

Grantges, Jr. teaches a proxy server that ensures proper cookie routing (col. 11, line 63- 
col. 12, line 10). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bamard combination regarding the 
use of HTTP in a system for communicating with private network devices with the teachings of 
Grantges, Jr. regarding the routing of cookies because cookies are commonly communicated 
during HTTP communication. 

15. Claims 9-10, 13-15 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Number 7,007,093 to Spicer et al. in view of U.S. Patent Number 6,457,054 to 
Bakshi et al.. 

16. As to claim 9, Spicer teaches a method of accessing an internal network device on a 
protected network, the network including a security device, the method comprising: storing data 
addressed to the intemal network device in an extemal proxy server (col. 4, lines 4-24); 
maintaining a proxy agent on the protected network, the proxy agent executing the step of 
polling the extemal proxy server for data addressed to the intemal network device, where polling 
includes: connecting to the extemal proxy server to check for pending traffic (col. 4, Unes 4-24); 
receiving from the extemal proxy server when the extemal proxy server has received data from a 
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client (col. 4, lines 4-24); forwarding to the internal network device any data on the external 
proxy server and addressed to the internal network device; and forwarding to the external proxy 
server any data addressed to an external device in communication with the external proxy server 
(col. 4, lines 4-24); however Spicer does not expHcitly teach the external proxy server sending a 
stream of spurious bytes if there is nothing pending for the internal network device. 

Bakshi teaches a method of receiving a stream of spurious bytes from a proxy server if 
there is nothing pending for the network device (col. 3, lines 46-67). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Spicer regarding communication through a 
private network with the teachings of Bakshi regarding the transmission of spurious bytes 
because spurious bytes keep communication channels open and thus reduce latency that would 
be required to estabhsh a connection (Bakshi, col. 3, lines 46-67), 

17. As to claim 10, Spicer teaches a method of polling the external server at regular intervals 
(col. 4, lines 4-24). 

18. As to claim 13, Bakshi teaches a method of multiplexing multiple requests from the 
proxy agent to proxy server through the same connection (col. 3, line 46-67). 

19. As to claim 14, Spicer teaches a method of maintaining by the proxy server maps 
between local TCP/IP ports of the proxy server and private IP addresses on the protected 
network, the maps being distinguished by an identity of the proxy agent used to access them (col. 
4, lines 4-44). 
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20. As to claim 1 5, Spicer teaches a method of publishing by each proxy agent a list of 
addresses it can reach to the extemal proxy server, the external proxy server using this list to 
create a respective map between local ports and proxy agents (col 4, line 55-coL 5, Hne 15), 

21 . As to claim 20, Spicer teaches a method of providing network administrators control over 
the system including granting administrators the ability to allow and deny entry into the 
protected network on a per session basis (col. 4, line 55-col. 5, line 15). 

22. Claim 11-12, 16, 20-21, and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Number 7,007,093 to Spicer et al. in view of U.S. Patent Number 6,457,054 to 
Bakshi et al. in further view of U.S. Patent Number 6,510,464 to Grantges Jr. et al.. 

23. As to claim 1 1, the Spicer-Bakshi combination does not exphcitly teach the use of two 
separate protocols to inside and outside the private network. 

Grantges Jr. teaches a method of communicating by an internal network device with a 
proxy using a first network protocol and an extemal network device communicating with the 
proxy using a second protocol (Figure 7). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding 
communication to devices on a private network with the teachings of Grantges, Jr. regarding the 
use of different protocols inside and outside of the private network because some connections 
may be required to be seciu-e. 

24. As to claim 12, Grantges Jr. teaches a method wherein data addressed to an internal 
network device using a second network protocol is transmitted to the intemal device using the 
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first protocol so that the second protocol is carried to the internal network device inside the first 
network protocol (HTTP traffic is encrypted using HTTPS). 

25. As to claim 16, the Spicer-Bakshi combination does not explicitly teach ensuring cookie 
delivery. 

Grantges, Jr. teaches a proxy server that ensures proper cookie routing (col. 11, line 63- 
col. 12, line 10). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding a 
system for communicating with private network devices with the teachings of Grantges, Jr. 
regarding the routing of cookies because cookies are commonly communicated during HTTP 
communication. 

26. As to claim 18 and 19, they are rejected for the same reason as claims 1 1 and 12. 

27. As to claim 20, Grantges Jr. teaches the use of X.509 certificates (Fig 7). 

28. As to claim 21, the Spicer-Bakshi combination teaches the method of claim 9 however 
the Spicer-Bakshi combination does not expUcitly teach rewriting cookies with unique 
identifiers. 

Grantges Jr. teaches rewriting cookies with unique identifiers to prevent inadvertent 
transmission of private information to an incorrect recipient on the protected network (col. 9, line 
54-coL 10, hne 5). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding a 
system for communicating with private network devices with the teachings of Grantges, Jr. 
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regarding the routing of cookies because cookies are commonly communicated during HTTP 
communication. 

29. As to claim 23, the Spicer-Bakshi combination teaches the method of claim 9 however 
the Spicer-Bakshi combination does not exphcitly teach granting a key for access. 

Grantges teaches a method wherein access is conferred by granting a key with a 
predetermined life span (col. 7, lines 63 -col. 8, line 14). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding a 
system for communicating with private network devices with the teachings of Grantges, Jr. 
regarding granting a key because keys are commonly used to identify requesters. 

Response to Arguments 

30. Applicants arguments with respect to claims 1-16 and 18-23 have been considered but 
are moot in view of the new ground(s) of rejection. 

Conclusion 

3 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Douglas B. Blair whose telephone number is 571-272-3893. The 
examiner can normally be reached on 8:30am-5pm Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on 571-272-3868. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for pubUshed appUcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Douglas Blair \ 





